Security+ Ch 1-11 Fall 2018

10. Which IPv4 address might be valid on the Internet? Choose the best response.

150.50.101.32

15. How many total packets need to be exchanged for a TCP handshake? Choose the best response.

3

6. According to NIST, what is the effective strength of a 168-bit 3DES key? Choose the best response.

80-bit

8. What protocol is used to find the MAC address of a given IP address? Choose the best response.

ARP

11. What network attack can only be used on local network segments?

ARP poisoning

14. You have a lingering problem with mobile users who connect to untrusted Wi-Fi networks without enabling their VPN, out of forgetfulness or lack of technical knowledge. What technology might help solve the problem? Choose the best response.

Always-on VPN

1. Which type of cryptography is most commonly used for key exchange? Choose the best response.

Asymmetric encryption

2. As a user, what can you do to protect yourself from man-in-the-middle attacks? Choose the best response.

Avoid connecting to open WiFi routers.

13. What element of a vulnerability assessment compares security performance to existing security configuration documents? Choose the best response.

Baseline review

12. You've traced some odd network activity to malware that's infected a whole department's computers. They're processing a distributed task using spare CPU cycles, communicating with a remote server, and sending email to random targets. What kind of malware is it? Choose the best response.

Botnet

6. An attack on your web application began with a long string of numbers sent to a field that's only supposed to hold a four-digit variable. What kind of attack was it? Choose the best response.

Buffer overflow

10. What element of your risk mitigation strategy helps keep future additions to your network from introducing new security vulnerabilities? Choose the best response.

Change management

12. What security feature makes it more difficult for an attacker to trick you into installing a fraudulent Ethernet driver that reports on your network activities? Choose the best response.

Code signing

1. Someone put malware on your computer that records all of your keystrokes. What aspect of security was primarily attacked? Choose the best response.

Confidentiality

3. You're configuring a router, and want it to check the properties of incoming traffic before passing it on. What will this require? Choose the best response.

Configuring ACLs

4. What might protect users from copying sensitive files to external media?

DLP

16. What kind of communications would be suitable for UDP? Choose all that apply.

DNS requests; Online games; Streaming video

12. What protocol can be used to prevent DNS poisoning? Choose the best response.

DNSSEC

6. Your organization has a critical database full of customer PII, and a new employee was just authorized to use it. How would you best describe the role of the system administrator who configures user permissions in the database software?

Data custodian

7. What might a router using PAT change on packets passing through? Choose all that apply.

Destination address for incoming packets; Source port for outgoing packets; Destination port for incoming packets

7. What process gives integrity, authenticity, and non-repudiation? Choose the best response.

Digital signature

5. What asymmetric algorithm uses complex new mathematical approaches to create relatively short but very secure and high-performance keys? Choose the best response.

ECC

8. Your WAP is currently secured with WPA Personal encryption, using a shared key. Which of the following is true? Choose the best response.

Enabling 802.1X could increase security, but enabling WPS would reduce it.

16. While conducting a penetration test you've just managed to get access to an important server. The main problem is that you got it through a session hijacking attack that took both luck and precise timing, and might be cut off at any time. Given limited time, what should your next step be? Choose the best response.

Establish persistence

5. NIST defines the standards for UTM devices. True or false?

False

7. Qualitative risk assessment is generally best suited for tangible assets. True or false?

False

8. Social engineering attacks are most commonly either in person or over electronic media rather than on the phone. True or false?

False

9. Blocking and cleaning Flash cookies is much the same as for any other browser cookies. True or false?

False

5. A security program alerts you of a failed logon attempt to a secure system. On investigation, you learn the system's normal user accidentally had caps lock turned on. What kind of alert was it? Choose the best response.

False positive

3. What category of attacker might also be called cyberterrorists? Choose the best response.

Hacktivists

2. What type of cryptography is usually used for password storage? Choose the best response.

Hashing

4. Which controls primarily protect data integrity? Choose all that apply.

Hashing; Backups

8. You're shopping for a new A/C unit for your server room, and are comparing manufacturer ratings. Which combination will minimize the time you'll have to go without sufficient cooling? Choose the best response.

High MTBF and low MTTR

4. What protocol would an echo request packet use?

ICMP

9. On an IPsec VPN, what protocol negotiates security associations? Choose the best response.

IKE

1. ACLs are based on which assumption? Choose the best response.

Implicit Deny

10. What defines an EV certificate? Choose the best response.

It requires a stricter identity verification process on application

3. What happens to a non-tagged frame on a VLAN trunk?

It's forwarded to the trunk's native VLAN.

12. Your employer demands a copy of all private keys used on devices you use for work, since regulatory requirements require them to be able to decrypt any official communications when legally requested. What is this an example of?

Key escrow

11. What VPN type is secure, compatible with nearly any application, and supported by most operating systems?

L2TP/IPsec

14. What kind of application centrally manages security policy on all company mobile devices?

MDM

4. Evil twins are mostly used as part of what kind of attack? Choose the best response.

Man-in-the-middle

5. Which storage option is just a refinement of traditional file servers?

NAS

2. What kind of attacker is an APT most commonly associated with? Choose the best response.

Nation states

11. What's generally seen as the most modern and flexible way to find out if a certificate has been revoked?

OCSP

13. What certificate formats commonly use the web of trust model? Choose the best response.

OpenPGP

2. What type of control would a security assessment procedure be? Choose the best response.

Operational

14. What certificate encoding is intended for use in secure email? Choose the best response.

PEM

15. An attacker's gotten a fraudulent certificate attesting to be for your bank and is planning to intercept your transactions in a man-in-the-middle attack. The certificate hasn't been revoked yet, but what technology could still let you know something is wrong?

Pinning

4. Which of the following was originally designed as a stream cipher? Choose the best response.

RC4

11. What application vulnerability can be exploited by providing a series of normal data inputs with a specific sequence and timing? Choose the best response.

Race condition

10. A user logs into their computer and is presented with a screen showing a Department of Justice logo indicating the computer has been locked due to the user being in violation of federal law. The screen gives several details of the violation and indicates that the user must pay a fine of $500 within 72 hours or a warrant will be issued for their arrest. The user cannot unlock their system. What type of malware is likely infecting the computer? Choose the best response.

Ransomware

9. Your company has long maintained an email server, but it's insecure and unreliable. You're considering just outsourcing email to an external company who provides secure cloud-based email services. What risk management strategy are you employing? Choose the best response.

Risk transference

13. You've found a computer infected by stealth malware. The program installed itself as part of the computer's boot process so that it can gain access to the entire operating system and hide from antimalware software. What kind of malware is it? Choose the best response.

Rootkit

6. Which of the following is an example of a load balancer scheduling method? Choose the best response.

Round robin

8. You've received an assortment of files along with accompanying hashes to guarantee integrity. Some of the hash values are 256-bit and some are 512-bit. Assuming they all use the same basic algorithm, what might it be? Choose the best response.

SHA-2

18. What protocol would you use to connect to a shared drive on another Windows system? Choose the best answer.

SMB

14. You want to securely connect to a server via a command line terminal interface. What protocol should you use? Choose the best answer.

SSH

13. What security appliance is similar to a MitM attack, but designed to enhance network security rather than disrupt it? Choose the best response.

SSL decryptor

1. What category of attackers are defined by their limited sophistication and reliance on pre-packaged tools? Choose the best response.

Script kiddies

4. What kind of attack is most likely when you're doing sensitive work on your laptop at a coffee shop? Choose the best response.

Shoulder surfing

6. Several coworkers in the sales department received email claiming to be from you. Each message was personally addressed, and contained a link to a "test site" and a request to log in with normal user credentials. You never sent it, and on examination the supposed test site is a phishing scam. Just what variant of phishing is this? Choose the best response.

Spear phishing

9. A user complains that every time they open their Internet browser, it no longer goes to their preferred home page and advertisements pop up in dialog boxes that they have to close. What is the likely cause? Choose the best response.

Spyware

8. What SQL injection technique relies on unfiltered semicolons?

Stacked query

3. What cryptographic tool is commonly built into a motherboard?

TPM

2. What kind of WAP is designed for use with a central WAN controller? Choose the best response.

Thin

4. What DMZ topology is displayed? Choose the best response.

Three-homed firewall

10. A service pack is generally a more major update than a maintenance release. True or false?

True

11. A vulnerability scan can be intrusive or non-intrusive. True or false?

True

11. Downgrades are often more difficult than upgrades. True or false?

True

12. You can use a VPN to securely encrypt all of your network communication even on an open Wi-Fi network. True or false?

True

15. Vulnerability scanners are a good way to determine a network's attack surface. True or false?

True

19. HTTPS adds security to HTTP and uses a different port, but otherwise is fundamentally the same. True or false?

True

2. When configuring an IDS you might want to allow a few false positives to make sure you never get any false negatives, but not the opposite. True or false?

True

3. Malware is a common example of a threat vector. True or false?

True

5. "Big data" shouldn't be confused with "cloud storage". True or false?

True

5. Impersonation is a core element to most social engineering attacks. True or false?

True

8. In general, you should leave the Guest account in Windows disabled. True or false?

True

9. For a local server, you might not need the full domain name to perform a DNS lookup. True or false?

True

17. Your company's custom server software application needs a TCP port to listen on. What port range should it be configured to use?

User

14. What kind of penetration test involves a tester with full knowledge of your network configuration? Choose the best response.

White box

9. A company configures workstations only to run software on an approved list. What is this an example of?

Whitelisting

7. What was the first version of Windows to include real-time antivirus scanning?

Windows 8

13. What potential security risk does an SD card pose that a USB thumb drive does not?

Wireless attacks

11. What kind of malware can spread through a network without any human interaction? Choose the best response.

Worm

6. You want to create a point-to-point wireless link between two buildings. Your goals are to keep a strong signal between the two transceivers while minimizing the area in which eavesdroppers can access network traffic. What antenna style should you use for each? Choose the best response.

Yagi

5. What kind of attack is against a software vulnerability which hasn't been patched yet? Choose the best response.

Zero day

3. Order the following encryption ciphers from weakest to strongest.

a. 3DES; b. AES; c. Blowfish; d. DES

3. What tools allow amplification of a DoS attack? Choose all that apply.

a. Botnets; b. Malformed packets; c. Reflection

1. Complex passwords that are combinations of upper and lower case letters, numbers, and special characters protect your system from which types of attacks?

a. Brute force; b. Dictionary

10. What XSS techniques don't require anything to actually be stored on the target server? Choose all that apply.

a. DOM based; b. Reflective

10. What secure protocols add SSL/TLS security to protocols which were insecure on their own? Choose all that apply.

a. FTPS; b. HTTPS; c. SNMPv3

6. Order the steps of a complete risk assessment.

a. Identify assets potentially at risk; b. Conduct a threat assessment for each asset; c. Analyze business impact for each threat; d. Determine the likelihood of a given threat doing damage; e. Prioritize risks by weighing likelihood vs. potential impact of each threat; f. Create a risk mitigation strategy to shape future security policies

7. What security controls can protect against tailgating? Choose all that apply.

a. Mantraps; b. Security guards

12. What steps might be taken as part of a vulnerability scan? Choose all that apply.

a. Passively testing security controls; b. Finding open ports; c. Identifying vulnerabilities

9. What is true of a digital certificate, but not true of a digital signature? Choose all that apply.

a. Proves the authenticity of a person or system; b. Has a valid starting and ending date

7. What application attacks directly target the database programs sitting behind web servers? Choose all that apply.

a. SQL injection; b. XML injection

13. Match the network protocols with their default ports

a. Telnet 23; b. SSH 22; c. SNMP 161; d. SMTP 25; e. FTP 21; f. LDAPS 636; g. DNS 53; h. POP 110; i. IMAP 143

7. Order WAP encryption methods from most to least secure.

a. WPA2-AES; b. WPA-AES; c. WPA2-TKIP; d. WPA-TKIP; e. WEP

1. Order the OSI layers from bottom to top.

a. physical; b. datalink; c. network; d. transport; e. session; f. presentation; g. application

